Dropbox is a tool tracked across 43 threat clusters and 61 intelligence report mentions on ThreatCluster. First observed October 23, 2025; most recent activity July 17, 2026.
The Gamaredon group, a Russian-aligned APT, has significantly upgraded its cyber capabilities in 2025, focusing on spear-phishing campaigns against Ukrainian targets. ESET Research reports that Gamaredon conducted 35…
From mid-2024 to early 2026, the Vietnam-aligned APT group OceanLotus has intensified its focus on domestic espionage, utilizing the SPECTRALVIPER backdoor in two major campaigns. The first campaign targeted a…
ESET researchers reported a supply-chain attack by the North Korean APT group ScarCruft, targeting a gaming platform in the Yanbian region of China. The attack, ongoing since late 2024, involved trojanizing both Windows…
In June 2026, Mustang Panda launched two espionage campaigns targeting India's hydropower sector and government entities. The attacks utilized lure documents related to cooperation agreements with Taiwan, delivering…
A new threat actor, JINX-0164, has been identified targeting cryptocurrency firms using custom macOS malware and social engineering tactics. Active since mid-2025, the group employs fake recruiter approaches to gain…
In 2016, climate activists, including Kert Davies, were targeted by a phishing campaign while seeking to hold Exxon Mobil accountable for climate deception. The campaign involved over 100 victims receiving phishing…
A five-month-long espionage campaign targeted the email account of a senior executive at a major global stock exchange. The attackers gained access to sensitive information, including emails, calendar events, and…
Hackers are increasingly targeting newly disclosed vulnerabilities in third-party software to access cloud environments, with the time frame for such attacks decreasing significantly. Google reports a notable decline in…
A new campaign linked to the TimbreStealer malware targets companies in Mexico, employing advanced evasion techniques. Researchers Euler Neto and Cristóbal Tárraga report that the malware uses DLL side-loading with…
A Russian-speaking cybercriminal group, dubbed BlackSanta, is targeting corporate HR teams by sending fake job applications that install malware capable of disabling endpoint detection and response (EDR) tools. This…